How well do you know your network?

The information security officer for a network of healthcare centers in New York found an employee sending confidential payroll information to a recruiter. A California-based semiconductor manufacturing technology provider caught a worker e-mailing PowerPoint slides detailing product plans to a former colleague at a competitor to show off the “cool things” he was working on. A network administrator for a school district in Indiana nabbed a student trying to finagle school lunch account information stored on an off-limits server.

These are just some of the things you can learn when you take a good look at what goes on inside your network.

Related story: Network monitoring tools vendors aim to let tools play together

“Oh, you’d be surprised,” says Mark Moroses, senior director of technical services and information security officer with Maimonides Medical Center in Brooklyn, who found an employee instant-messaging payroll information – including social security numbers – to a recruiter.

That discovery came about three years ago when Maimonides was looking for a way to better control who was accessing what on its network, per HIPAA specifications and also because the company has to give network access to users who aren’t employees, such as referring doctors. Maimonides brought in security vendor Reconnex, which set up a risk assessment test that monitored the network for 48 hours.

“It’s an eye-opening experience,” Moroses says of the test. Having found numerous instances of questionable employee productivity (extended visits to Myspace.com, for example) as well as some policy breaches, the company installed Reconnex’s electronic risk protection offering to monitor employee interaction with the outside world, and is now leveraging the product to ensure that employees are only accessing the internal information that they are authorized to view.

“We’ve gone through an awakening in stages, we put [Reconnex] at all our egress points because we wanted to know what’s going out, what’s coming in…it leads you to ask questions about what’s going on internally, people accessing internal data,” Moroses says. “We’ve looked at the edge, now we’re looking internally.”

Reconnex is one of a handful of vendors that make up a relatively new area in the security market that also includes vendors such as Oakley Networks, Vontu, Vericept, PortAuthority Technologies, Securify, Tablus, and others.

Called a variety of terms including network content filtering/control, network leak prevention, extrusion prevention, and risk protection, this category is largely defined by products that monitor multiple network protocols with sophisticated word analysis and automated data discovery techniques to alert administrators when sensitive information is being accessed by unauthorized employees and/or sent outside of the network. As these products mature, the facility to block sensitive information from being viewed or sent out of the network is being added.

While having such a view into your network sounds as good as a superpower, there are trade offs.